REMARKS 

The Examiner is thanked for the performance of a thorough search. Claims 5 and 17 
were previously canceled. Hence, claims 1-4, 6-16 and 18-30 are pending in this application. 
All issues raised in the Office Action mailed May 5, 2009 are addressed hereinafter. 
I. ISSUES RELATING TO ALLEGED PRIOR ART 

A. CLAIMS — 35 U.S.C. § 102(e): PFITZNER 

Claims 1, 6-11, 13, 18-23 and 27-30 stand rejected under 35 U.S.C. § 102(e) as allegedly 
anticipated by Pfitzner et al., U.S. Patent No. 7,506,069 ("Pfitznei^')- (Office Action, page 2) 
This rejection is respectfully traversed. 

CLAIM 1 

Current Claim 1 recites: 

1. A method of providing access to services across a computer network, comprising the step 
of: 

generating an authentication, autliorization and access request by a requesting 

network access device through which, upon a successful authentication and 
authorization of an end user device to the computer network, the end user 
device can obtain access to network resources, said authentication, 
authorization and access request comprising a requesting network access 
device description and a plurality of service requests indicative of computer 
services for which the requesting network access device requests 
provisioning; 

wherein the requesting network access device description includes one or more of: a 
requesting network access device vendor, a requesting network access device 
type and a requesting network access device version; and 

forwarding, to an authentication, authorization and access-control server, said 
authentication, authorization and access request for authentication and 
authorization of the end user device to the computer network. 

Support for the amendment is provided at least in paragraphs [17]-[26], [29]-[33] and 
FIG. 1 of the applicants' specification. 

Claim 1 recites an "authentication, authorization and access request," which is known as 
a term of art. It describes a request sent to an authentication, authorization and accounting 
(AAA) server by a network access server (NAS) on behalf of an end-user. 
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As recited in Claim 1, an authentication, authorization and access request comprises a 
plurality of service requests indicative of computer services for which the requesting NAS 
requests provisioning on behalf of the end-user. The request allows the end-user device to 
request and obtain access to services and resources available in a computer network. As depicted 
in applicants' FIG. 1, an end-user is connected to a NAS and uses the NAS as a point of access to 
a computer network. The authentication, authorization and access request is sent by the NAS on 
behalf of the end-user to negotiate for the end-user access to the network resources. The NAS 
connects the end-user with the network. The NAS forwards the authentication, authorization and 
access request to AAA server, as recited in Claim 1. 

The AAA request may comprise end user credentials such as, for example, a usemame, 
password, security certificate, etc. However, as described in paragraph [4] of the applicants' 
specification, conventional methods for requesting access to network resources allow sending the 
user's credentials and a description of requested resources, but do not allow a NAS to describe 
itself to an AAA server. For example, in conventional systems, the NAS could not indicate to 
an AAA server whether the NAS is a router, WLAN AP, Ethernet switch, VPN concentrator, 
firewall, etc. Furthermore, in a conventional system the NAS cannot indicate to the AAA server 
information about the NAS vendor, NAS type, NAS Operating System version, NAS physical 
location, etc. These shortcomings are overcome in the method recited in Claim 1. 

According to Claim 1, in addition to a plurality of service requests indicative of computer 
services for which the requesting network access device requests provisioning, the AAA request 
comprises a requesting network access device description." The requesting network access 
device description includes one or more of a requesting network access device vendor, a 
requesting network access device type and a requesting network access device version. 
Therefore, when the AAA request is forwarded to an AAA server, the AAA server is provided 
not only with the credentials and service requests, but also the description of the requesting 
network access device vendor, type and version. 



50325-0837 (Seq. No. 7345) 



9 



As described in paragraph [26] of the applicants' specification, the approach of Claim 1 
is beneficial in managing network because it "provides a way for the AAA server to choose 
among multiple services that are offered by a single network device," and "authentication and 
authorization can be provided in a more granular manner (by service/user)" than provided 
otherwise. 

"A claim is anticipated only if each and every element as set forth in the claim is found, 
either expressly or inherently described, in a single prior art reference." Verdegaal Bros. v. 
Union Oil Co. of California, 814 F.2d 628, 631, 2 USPQ2d 1051, 1053 (Fed. Cir. 1987). Claim 
1 is not anticipated by Pfitzner because Claim 1 recites one or more features as shown in bold 
that are not described in Pfitzner. For example, Pfitzner does not anticipate "generating an 
authentication, authorization and access request by a requesting network access device through 
which, upon a successful authentication and authorization of an end user device to the computer 
network, the end user device can obtain access to network resources, said authentication, 
authorization and access request comprising a requesting network access device description 
and a plurality of service requests indicative of computer services for which the requesting 
network access device requests provisioning," as recited in Claim 1. 

Pfitzner describes requests for access to documents and websites, not "authentication, 
authorization and access requests . . . through which, upon a successful authentication and 
authorization. . . an end user device can obtain access to network resources," as claimed. Pfitzner 
describes a system where end-users can send meeting requests (Pfitzner: Col. 10, 11. 64-67), 
requests to access a meeting (Pfitzner: Col. 11, 11. 4-7), and requests to access documents stored 
on servers (Pfitzner: Col. 6, 11. 41-43). The meeting requests contain URLs with details about the 
meeting (Pfitzner: Col. 10, 11. 15, 24-25) and document requests contain URLs of documents 
(Pfitzner: Col. 5, 11. 18-23). However, Pfitzner' s requests are not AAA that are sent to 
authenticate and authorize users and do not identify an access server or other intermediary. 
Instead, Pfitzner assumes that the users are already successfully authorized and authenticated, so 
no AAA request is needed. Pfitzner does not describe authentication in any form, such as 
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verifying a user' s credentials, passwords, or certificates. Hence, Pfitzner' s approach is unrelated 
to the approach recited in Claim 1. 

Further, in Pfitzner, only characteristics of a user's device are sent to a server. There is 
no communication of the characteristics of an access server or other intermediary through which 
the end user device can obtain access to network resource, as claimed. Any access request that 
might exist in Pfitzner does not comprise the claimed "requesting network access device 
description." 

Pfitzner also does not anticipate "wherein the requesting network access device 
description includes one or more of: a requesting network access device vendor, a requesting 
network access device type, a requesting network device version," as recited in Claim 1. In 
Pfitzner, along with a request, the user sends computing environment information that includes 
characteristics and capabilities of the user's device, such as size or type of a display of the user's 
device. (Pfitzner: Col. 7, 11. 16-22) However, Pfitzner does not disclose a requesting network 
access device through which the end user device can obtain access to network resources, as 
claimed. Therefore, Pfitzner' s description of the characteristics of the user's device cannot 
correspond to the claimed requesting network access device description of Claim 1. 

Therefore, Claim 1 recites one or more features that are not anticipated by Pfitzner. 

Reconsideration and withdrawal of the rejection is respectfully requested. 
CLAIMS 11, 13, 19 AND 23 

Claims 11, 13, 19 and 23 recite features similar to those in Claim 1. Therefore, Claims 
11, 13, 19 and 23 are patentable over Pfitzner for the same reasons as for Claim 1. 

Reconsideration and withdrawal of the rejection are respectfully requested. 
CLAIMS 24-30 

Claims 24-30 recite features similar to those in Claims 11,13 and 23 or depend on 
Claims 11,13 and 23, except that they are directed to a computer-readable storage medium. 
Therefore, Claims 24-30 are patentable over Pfitzner for the same reasons as for Claims 11,13 
and 23. 
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Reconsideration and withdrawal of the rejection are respectfully requested. 

B. CLAIMS — 35 U.S.C. § 103(e): PFITZNER, ANDERSON 

Claims 2-4, 12, 14-16 and 24-26 stand rejected under 35 U.S.C. § 103(a) as allegedly 
anticipated by Pfitzner et al., U.S. Patent No. 7,506,069 ("Pfitzner") in view of Anderson et al., 
U.S. Patent No. 7,089,316 ("Anderson"). (Office Action, page 8) This rejection is respectfully 
traversed. 

Claims 2-4, 12, 14-16 and 24-26 depend from Claims 1, 11, 13, 19 and 23, respectively. 
As discussed above. Claim 1(11, 13, 19 and 23, respectively) recites at least one feature that is 
not disclosed in Pfitzner. Further, Anderson does not cure the deficiencies of Pfitzner with 
respect to Claim 1(11, 13, 19 and 23) because Anderson does not anticipate "generating an 
access request by a requesting network access device, through which an end user device can 
obtain access to network resources, and which is forwarded for authentication and authorization, 
wherein the requesting network access device description includes one or more of: a requesting 
network access device vendor, a requesting network access device type and a requesting network 
access device version," as recited in Claim 1. 

The Office Action accepted applicants' arguments, submitted by the applicants in the 
previous reply, that Anderson does not anticipate the "generating [...]," by withdrawing 35 
U.S.C. § 102(e) rejection of Claims 1, 11, 13, 19 and 23 based on Anderson. 

Therefore, for the foregoing reasons and additionally due to claim dependency, Pfitzner 
and Anderson, individually or in combination, fail to describe or suggest the whole subject 
matter recited in Claims 2-4, 12, 14-16 and 24-26. 

Reconsideration and withdrawal of the rejection is respectfully requested. 

C. DEPENDENT CLAIMS 

The claims that are not discussed above depend directly or indirectly on the claims that 
have been discussed. Therefore, those claims are patentable for the reasons given above. In 
addition, each of the dependent claims separately introduces features that independently render 
the claim patentable. However, due to the fundamental differences already identified, and to 
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expedite positive resolution of the examination, separate arguments are not provided for each of 
the dependent claims at this time, 
n. CONCLUSION 

For the reasons set forth above, all pending claims are in condition for allowance. A 
petition for an extension of time is hereby made to the extent necessary to make this reply timely 
filed. If any applicable fee is missing or insufficient, the Commissioner is authorized to charge 
any applicable fee to our Deposit Account No. 50-1302. 

Respectfully submitted, 

HICKMAN PALERMO TRUONG & BECKER LLP 

Date: August 5, 2009 /MalgorzataAKulczvcka#5Q496/ 
Malgorzata A. Kulczycka 
Reg. No. 50,496 

2055 Gateway Place, Suite 550 
San Jose, California 95 110 
Telephone: (408) 414-1228 
Facsimile: (408) 414-1076 
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